CHIPS Articles: Second Draft of Cryptographic Key Management Guidance Available for Comment

Second Draft of Cryptographic Key Management Guidance Available for Comment

Special Publication 800-57 Part 2 Rev. 1, Part 2: Best Practices for Key Management Organizations

By CHIPS Magazine
-
November 21, 2018

The National Institute for Standards and Technology has issued Special Publication (SP) 800-57 which provides cryptographic key management guidance. It consists of three parts. Part 1, Recommendation for Key Management, Part 1: General, provides general guidance and best practices for the management of cryptographic keying material. Part 2, Best Practices for Key Management Organizations, provides guidance on policy and security planning requirements. Finally, Part 3, Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance, provides guidance when using the cryptographic features of current systems.

The new document, Part 2, “(1) identifies the concepts, functions and elements common to effective systems for the management of symmetric and asymmetric keys; (2) identifies the security planning requirements and documentation necessary for effective institutional key management; (3) describes key management specification requirements; (4) describes cryptographic key management policy documentation that is needed by organizations that use cryptography; and (5) describes key management practice statement requirements,” according to the NIST release.

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON)
Chief Information Officer, the Department of Defense Enterprise Software Initiative
(ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare
Systems Center Pacific.